(optional) For a GKE cluster: the GKE project identifier
Kubernetes cluster identifier.
For a GKE cluster: the GKE cluster identifier
For other types of clusters: user-configured cluster name.
Name of rule in the user’s policy that the audit entry matched.
May be a service account name, an email, an IP address.
IP from which the API server request was received
ASN of IP from which the API server request was received
Country code of IP from which the API server request was received
K8s API group addressed by the request
K8s namespace of resource addressed by the request
k8s type of resource addressed by the request
Name of k8s resource addressed by the request
Name of k8s subresource (usually a remote operation on a pod) addressed by the request (e.g. exec for remote shell, attach, portforward, log)
The remote command that is wrapped by an ‘exec’ command to a pod.
The container within the pod that an ‘exec’ command addresses.
URI addressed by the request
URI addressed by the request which does not match a k8s URI
The k8s verb is the request
The type of requested action on the k8s resource: read (verb is get, get-list) vs. write (verb is create, update, delete, patch)
The base user-agent associated with the request. Some parts of the user-agent string may be extracted to additional fields, like ua-kubectl, ua-keubernetes etc.
The user-agent associated with the request.
Extra AWS Access Key IDs used in authentication
Impersonated user ID.
Impersonated user name.
Extra AWS Access Key IDs used in impersonation
Numeric request status code
Request status string
Boolean true if request was not authorized
Container images affected by request
Summary of Pod Security configuration modified by request (e.g. Deployment creation, update or patch)
Summary of all Container Security configurations modified by request
Summary of all Container Port configurations modified by request
Namespace of Role Binding configuration modified by request
Name of Role Binding configuration modified by request
Role name in Role Binding configuration modified by request
Subjects in Role Binding configuration modified by request
Namespace of Role configuration modified by request
Name of Role configuration modified by request
Summary of rules in Role configuration modified by request